#!/bin/sh

ipsec whack --label "\"LEFT\" leftrsasigkey"   --keyid "@east.uml.freeswan.org"   --pubkeyrsa "0x030100019ECF78958330EEBD1A33DB5D668DD149C79CD8F79403444C802D96E25BA4B7D5795A51B9BB184EBBB8918C542BDF7D19AFF6DFF030EE666B23EC10DEE845DFA4EEC70EFA96CDC5B2026E5B1A9DCCBC6567133CAFF95734651FB4B3E47F16D3C1782C7CA72A84909FADA3CB147D10842455379E845B763DD5808830CC910076D1"
ipsec whack --label "\"RIGHT\" rightrsasigkey" --keyid "@west.uml.freeswan.org"    --pubkeyrsa "0x030100019ECF78958330EEBD1A33DB5D668DD149C79CD8F79403444C802D96E25BA4B7D5795A51B9BB184EBBB8918C542BDF7D19AFF6DFF030EE666B23EC10DEE845DFA4EEC70EFA96CDC5B2026E5B1A9DCCBC6567133CAFF95734651FB4B3E47F16D3C1782C7CA72A84909FADA3CB147D10842455379E845B763DD5808831CC910076D1"

for conn in d f o q b a
do
   ipsec whack --name $conn --encrypt --tunnel --pfs --rsasig \
        --host "192.139.46.20"  --nexthop "192.139.46.17" --updown "ipsec _updown" --id "@east.uml.freeswan.org"  \
        --to --host "192.139.46.28"  --nexthop "%direct" --updown "ipsec _updown" --id "@west.uml.freeswan.org"  \
        --ipseclifetime "28800" --rekeymargin "540" \
        --keyingtries "0"    
done

